Privacy and anonymity in Trust Negotiations".

Anna Squicciarini - University of Milano

Nov 09, 2005

Abstract

Trust negotiation is an emerging approach for establishing trust in open
systems, where sensitive interactions may often occur between entities with
no prior knowledge of each other. Although several proposals today exist of
systems for the management of trust negotiation, none of them provides a
comprehensive approach to the problem of privacy preservation. Trust
negotiation systems, however, by their very nature may represent a threat to
privacy. Credentials, exchanged during negotiations, often contain sensitive
personal information that thus needs to be selectively released. As we
believe that trust negotiation systems must effectively address privacy
issues to be widely acceptable, we have investigated privacy in the context
of trust negotiations. In this talk, we will propose the main results
obtained so far in the area of trust negotiation as part of the Ph.D.
activity. We propose a set of privacy preserving features to be included in
any trust negotiation system, such as the support for the P3P standard, as
well as a number of innovative features such as a novel format to encode
digital credentials specifically designed for preserving privacy. Finally, we
illustrate techniques for supporting anonymous trust negotiations as part of
a privacy-preserving trust negotiations, to carry on trust negotiations
without revealing identity related information.

About the Speaker

Anna Cinzia Squicciarini is a PhD Student at the University of Milan, Italy.
She received a degree in Computer Science from the University of Milan in
July 2002 with full marks. During autumn 2003 Anna Cinzia has been a visiting
researcher at Swedish Institute of Computer Science, Stockholm. During spring
2004 she also been research scholar at Colorado State University, Fort
Collins (CO), US. Her main research interests include trust negotiations,
privacy, models and mechanisms for privilege and contract management in
virtual organizations. Currently, she is visiting scholar at Purdue
University, West Lafayette, where she is exploring research issues related
with identity management and web service access control models.

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M.
STEW G52 (Suite 050B), West Lafayette Campus. More information...

Disclaimer

The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.